Security Incidents mailing list archives

Re: Large ISP response to Code Red?

From: Kris Carlier <root () iguana be>
Date: Tue, 31 Jul 2001 18:53:54 +0200 (MET DST)

To me, this is the answer.  Server based systems usually have
plenty of bandwidth.  A different set of patches could be
offered for the desktop class systems (Win9x, Me, 2k Prof.)
that might be more bandwidth friendly and only applies to


small detail, IIRC, one of the windowsupdate servers fell victim to the CR
attack itself. So, here's a rethorical question: would you like your
system to be automatically updated ? What if the machine you trust is
infected ? Helluvaway to efficiently distribute a worm, no ?

kr=


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Large ISP response to Code Red? Jon O . (Jul 30)
- Re: Large ISP response to Code Red? Christian Kuhtz (Jul 30)
  - Re: Large ISP response to Code Red? David Hickman (Jul 31)
- Re: Large ISP response to Code Red? Seth Arnold (Jul 30)
  - Re: Large ISP response to Code Red? Mike Johnson (Jul 31)
    - Re: Large ISP response to Code Red? Kris Carlier (Jul 31)
    - RE: Large ISP response to Code Red? Jonathan A. Zdziarski (Jul 31)
  - Re: Large ISP response to Code Red? Rob McCauley (Jul 31)
  - Re: Large ISP response to Code Red? Valdis . Kletnieks (Jul 31)
- Re: Large ISP response to Code Red? kath (Jul 31)
- Re: Large ISP response to Code Red? Mike Lewinski (Jul 31)
- <Possible follow-ups>
- Re: Large ISP response to Code Red? Blake Frantz (Jul 31)
- RE: Large ISP response to Code Red? Jonathan A. Zdziarski (Jul 31)
  - Re: Large ISP response to Code Red? Seth Arnold (Jul 31)